WordPress.org

Make WordPress Core

Changeset 24457


Ignore:
Timestamp:
06/21/2013 01:21:12 AM (7 years ago)
Author:
nacin
Message:

Add strict check to phpass's CheckPassword() method to avoid issues when the method is improperly called.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-includes/class-phpass.php

    r18633 r24457  
    254254            $hash = crypt($password, $stored_hash);
    255255
    256         return $hash == $stored_hash;
     256        return $hash === $stored_hash;
    257257    }
    258258}
Note: See TracChangeset for help on using the changeset viewer.